skip to Main Content

I am not sure weather azure storage account is domain joined or not. I want to access files from the azure file share storage as shared path without mounting this file share.

2

Answers


  1. Chosen as BEST ANSWER

    Account is domain joined or not, can be checked from the Azure file share itself when we click the connect button it show authentication method as active directory enabled. and also we can check it from the overview of the account also.


  2. • You can check if the storage account is domain joined or not by checking the on-premises ADDS environment for a computer account or a service logon account with User Principal Name/Service Principal Name as ‘cifs/your-storage-account-name-here.file.core.windows.net’. For this purpose, you should have ‘ADUser.Read’ permissions on the Active Directory environment or you should logon to the AD Users and Computers console with the ID who is a member of ‘Domain Members’ group.

    • If you have ‘Contributor’ role access to Azure resources in your tenant, execute the below command in Azure cloud powershell to know detailed information regarding the storage account authentication with Active Directory. If the storage account is domain joined to an ADDS environment, then it will display accordingly: –

     Debug-AzStorageAccountAuth -StorageAccountName $StorageAccountName -ResourceGroupName $ResourceGroupName -Verbose
    

    Also, to know whether the Azure files authentication for on-premises identities is enabled or not, kindly refer to the below documentation link. It describes a powershell script which shows the Active Directory service options for files share in your storage account: –

    https://learn.microsoft.com/en-us/azure/storage/files/storage-files-identity-ad-ds-enable#confirm-the-feature-is-enabled

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search